HoneyJax (AKA Web Security Monitoring and Intelligence 2.0)

Presented at DEF CON 15 (2007), Aug. 5, 2007, 10 a.m. (50 minutes)

We have all heard of Honeypots and more recently HoneyClients. Now we are introducing the concept of HoneyJax. Once again functionality has beaten our security, and Web 2.0 is in full force. User-created content, radical trust, and social networks have lead to several malicious code attacks and spammers have learned that the web a great compliment to sell there trade. This session will show provide examples and insights into the problems of Web 2.0 and include one way to assist in the identification and tracking of mis-use of these technologies by deploying HoneyJax's within the operating environment.

Presenters:

• Dan Hubbard - VP Security Research, Websense Security Labs
  Dan Hubbard is VP of Security Research of Websense Inc. He manages all security research and security product vision at Websense, with responsibility for several security-related product features, and acts as a security evangelist externally. Hubbard is the pioneer behind Websense's Threatseeker Technology and started Websense Security Labs. The product that Threatseeker supports provides an additional layer of security to networks by preventing employees from inadvertently accessing sites that are infected with malicious mobile code or spyware. Hubbard has presented and spoke around the world at events such as Black Hat, RSA, InfoSec, and Toorcon. Also has been quoted by the media in publications such as USA Today, CNET, NY Times, NBC and ABC NEWS, and CNN.

Links:

• https://defcon.org/html/defcon-15/dc-15-speakers.html#Hubbard
• https://infocon.org/cons/DEF CON/DEF CON 15/DEF CON 15 video/DEF CON 15 - Dan Hubbard - HoneyJax - Video.mp4
• https://www.youtube.com/watch?v=8Ag-4Q7Ggc8

Similar Presentations:

• AppSec USA 2012 / Payback on Web Attackers: Web Honeypots
• ToorCon: Seattle (Beta) (2007) / Web 4.0
• DEF CON 13 (2005) / Attacking Web Services: The Next Generation of Vulnerable Apps